March 31, 2014
According to recent Business Technographics data, half of US enterprise technology management professionals report that there is 1.) no way to gain a single view of status and availability across their portfolio of cloud services, 2.) that they don’t have a clear way to assess the risk of using a third-party public as-a-service offering, and/or 3.) that they have no way to manage how providers handle their data.
An interesting debate is ensuing regarding how to best protect cloud data, given the market landscape. So far two modalities are emerging:
·A. Inserting in-line encryption between the enterprise and the SaaS provider that encrypts and/or tokenizes all data before it goes to the cloud to ensure safety interoperating within public cloud systems.
·B. The human-firewall model, in which IT closely monitors activity with context/content analytics and anomaly detection tools.
The truth lies somewhere between the two. By carefully applying Forrester’s data security and control framework, clients should incrementally encrypt data deemed sensitive to compliance or regulation, such as credit card and Social Security numbers, and closely monitor all activity across users and cloud applications.
Emerging native cloud security vendors are building flexible solutions fusing these two capabilities. AlephCloud, Armor5, CipherCloud, nCryptedCloud, Perspecsys/Voltage, Skyhigh Networks, and Voltage integrate encryption and a comprehensive set of visibility capabilities. And Cloudlock, a cloud visibility and data governance services vendor, recently announced a new feature that intelligently encrypts information deemed sensitive like health and bank records directly in the cloud.
To learn about our three-step approach to manage data in the cloud, as well as new vendors and capabilities that can help, see our recently released Forrester report Protect Your Data In The Cloud.